The problem is that some lines in the file are missing timestamps when they aren't continuations of any previous line. It's dumb, really.
The mysql query log is seriously bullshit format, but nothing logstash can't unscrew.
The main goal here is to show how we can fix the 'missing timestamp' problem.
% ruby bin/logstash agent -e '